20th Dec 2001 [SBWID-4948]
COMMAND
mailman cross-site scripting hole
SYSTEMS AFFECTED
mailman up to 2.0.8
PROBLEM
Barry A. Warsaw reported several cross-site scripting security holes in
Mailman, due to non-existent escaping of CGI variables.
SOLUTION
Latest version :
http://prdownloads.sourceforge.net/mailman/mailman-2.0.8.tgz
Debian Source archives:
http://security.debian.org/dists/stable/updates/main/source/mailman_1.1.10.diff.gz
http://security.debian.org/dists/stable/updates/main/source/mailman_1.1.orig.tar.gz
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH
